What is the TransUnion South Africa breach about and how to take action

by | 23 Mar 2022 | Threat Notices

Recommended audience for this post: All


One of South Africa’s largest credit bureaus has been hacked, TransUnion South Africa is now the second credit bureau to be hit in South Africa in recent years. Brazilian hacker group N4aughtysecTU, is demanding R224-million in ransom in the form of bitcoin within seven days or the records will be made public and certain clients will be targeted. They have claimed to have stolen 4TB of data from TransUnion made up of the personal records of 54 million South Africans and South African Businesses.

Initial reports indicate that a client’s account with a weak password was used to gain access to an isolated TransUnion South African server that contained client information. TransUnion is working with law enforcement and regulators at this stage.

So what does this mean?

All direct and indirect clients of TransUnion South Africa will be affected, even if the ransom is paid this is no guarantee that the hackers will not use the data they have stolen for other purposes. If you are a TransUnion South Africa client or do business with any of the organizations that use TransUnion for transactions, there is a good chance that your personal and company data such as ID numbers, Credit Scores, Banking Details, and a large amount of other Personal Identifiable Information could be sold or leaked online and be used to further extort your business or you personally.

How can AVeS Cyber Security Assist in this process?

Email us at support@aves.co.za with the subject TransUnionBreach and add your contact information.

What AVeS will do:

  1. Quote to be provided and the client to approve.
  2. Remote setup and implementation of personal identity protection suite.
  3. Monitor and manage software and identify any risks to the client and assist in the takedown 24/7.
  4. Connect with client IT and other impacted teams to resolve findings.

If your information has been leaked what should you look out for?


  1. Change your passwords on all your personal and business sites and systems.
  2. Enable or implement 2-factor authentication on all your personal and business sites and systems.
  3. Check for regular updates from TransUnion or your service provider regarding the breach.
  4. Watch your accounts and keep a close eye on your credit scores
  5. Consider identity theft protection services.
  6. If you are concerned about your credit you can request that the credit bureaus freeze your credit for a period of time.
  7. Be aware of potential scams or fraud on email, instant messaging, and social media platforms or phone calls requesting approvals or additional information from you.
  8. Never give any personal information to someone that is contacting you.

Your Call to Action

Find out from your bank or insurance company including any other organisation you might do business with that would possibly be using TransUnion South Africa as part of your credit bureau to transact with if your data has been shared with TransUnion South Africa.

The simplest and most effective protection method is to implement one of the industry-leading identity protection products, this will ensure your identity and brand are proactively monitored and protected from external threats.

Do you like this article? Sign up to receive updates of new articles like these straight in your email inbox >>

Pin It on Pinterest

Share This